rpms/chkrootkit
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
A tool to locally check for signs of a rootkit https://www.chkrootkit.org/
6 Commits 1 Branch 9 Tags 44 KiB
RPM Spec 100%
ce61f1e817
Go to file
Automatic Build System ce61f1e817 automatic version update by autodist [release 0.54-1mamba;Thu Feb 04 2021]
2024-01-05 21:12:50 +01:00
chkrootkit.spec automatic version update by autodist [release 0.54-1mamba;Thu Feb 04 2021] 2024-01-05 21:12:50 +01:00
README.md automatic update by autodist [release 0.50-1mamba;Wed Jul 02 2014] 2024-01-05 21:12:50 +01:00

README.md

chkrootkit

chkrootkit is a tool to locally check for signs of a rootkit. It contains:

  • chkrootkit: shell script that checks system binaries for rootkit modification.
  • ifpromisc: checks if the network interface is in promiscuous mode.
  • chklastlog: checks for lastlog deletions.
  • chkutmp.c: checks for utmp deletions.
  • chkwtmp: checks for wtmp deletions.
  • chkdirs: checks for signs of LKM trojans.
  • chkproc: checks for signs of LKM trojans.
  • strings: quick and dirty strings replacement.

A large number of rootkits, worms and LKMs are currently detected. For an updated list of rootkits, worms and LKMs detected by chkrootkit please visit: http://www.chkrootkit.org/.